SHA256
1
0
forked from pool/audit

Accepting request 107576 from home:jones_tony:branches:security

OBS-URL: https://build.opensuse.org/request/show/107576
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=37
This commit is contained in:
Tony Jones 2012-02-29 18:06:19 +00:00 committed by Git OBS Bridge
parent 3adbde561c
commit cfd8ce15d5
7 changed files with 56 additions and 53 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0820a0e1dd523bdec6de5a089656adc60b1830abd85f3776a7cd89f601a4a96c
size 634237

3
audit-2.1.3.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:6327318a73e4e38efeacfb0521388d1e6891e416992ff3798d37262395c6c4d3
size 636030

View File

@ -1,31 +0,0 @@
From: aj@suse.de
Subject: Use oom_score_adj on newer kernels
Date: 2010-09-27
Signed-Off-by: Andreas Jaeger <aj@suse.de>
I see in dmesg on my 2.6.36 kernel:
[ 19.424535] auditd (2576): /proc/2576/oom_adj is deprecated, please use /proc/2576/oom_score_adj instead.
Since oom_adj is deprecated, let's use oom_score_adj.
Index: src/auditd.c
===================================================================
--- src/auditd.c.orig
+++ src/auditd.c
@@ -265,7 +265,15 @@ static int write_pid_file(void)
static void avoid_oom_killer(void)
{
int oomfd;
-
+
+ /* Newer kernels (noticed in 2.6.36) */
+ oomfd = open("/proc/self/oom_score_adj", O_NOFOLLOW | O_WRONLY);
+ if (oomfd >= 0) {
+ (void)write(oomfd, "-1000", sizeof("-1000"));
+ close(oomfd);
+ return;
+ }
+ /* Older kernel */
oomfd = open("/proc/self/oom_adj", O_NOFOLLOW | O_WRONLY);
if (oomfd >= 0) {
(void)write(oomfd, "-17", 3);

View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Tue Feb 28 21:58:24 UTC 2012 - tonyj@suse.com
- Update to version 2.1.3. See audit.spec upstream changelog
-------------------------------------------------------------------
Sat Sep 17 13:38:42 UTC 2011 - jengelh@medozas.de

View File

@ -1,7 +1,7 @@
#
# spec file for package audit-secondary
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -14,18 +14,22 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# nodebuginfo
%define _name audit
Name: audit-secondary
BuildRequires: gcc-c++ openldap2-devel pkg-config python-devel swig
BuildRequires: gcc-c++
BuildRequires: openldap2-devel
BuildRequires: pkg-config
BuildRequires: python-devel
BuildRequires: swig
Summary: Python Bindings for libaudit
License: GPLv2+
License: GPL-2.0+
Group: System/Monitoring
Version: 2.1.1
Release: 3
Version: 2.1.3
Release: 0
Url: http://people.redhat.com/sgrubb/audit/
Source0: audit-%{version}.tar.bz2
Patch1: audit-plugins-path.patch
@ -41,7 +45,7 @@ by python.
%package -n audit-libs-python
Summary: Python Bindings for libaudit
License: LGPLv2.1+
License: LGPL-2.1+
Group: System/Monitoring
%py_requires
@ -51,7 +55,7 @@ by python.
%package -n audit-audispd-plugins
Summary: Default plugins for the audit dispatcher
License: GPLv2+
License: GPL-2.0+
Group: System/Monitoring
Requires: openldap2

View File

@ -1,3 +1,30 @@
-------------------------------------------------------------------
Tue Feb 28 21:55:39 UTC 2012 - tonyj@suse.com
- Update to version 2.1.3, upstream changelog:
- 2.1.3
- Fix parsing of EXECVE records to not escape argc field
- If auditd's disk is full, send the right reason to client (#715315)
- Add CAP_WAKE_ALARM to interpretations
- Some updates to audisp-remote's remote-fgets function (Mirek Trmac)
- Add detection of TTY events to audisp-prelude (Matteo Sessa)
- Updated syscall tables for the 3.0 kernel
- Update linker flags for better relro support
- Make default size of logs bigger (#727310)
- Extract obj from NETFILTER_PKT events
- Disable 2 kerberos config options in audisp-remote.conf
- 2.1.2
- In ausearch/report, fix a segfault caused by MAC_POLICY_LOAD records
- In ausearch/report, add and update parsers
- In auditd, cleanup DAEMON_ACCEPT and DAEMON_CLOSE addr fields
- In ausearch/report, parse addr field of DAEMON_ACCEPT & DAEMON_CLOSE records
- In auditd, move startup success to after events are registered
- If auditd shutsdown due to failed tcp init, write a DAEMON_ABORT event
- Update auditd to avoid the oom killer in new kernels (Andreas Jaeger)
- Parse and interpret NETFILTER_PKT events correctly
- Return error if auditctl -l fails (#709345)
- In audisp-remote, replace glibc's fgets with custom implementation
-------------------------------------------------------------------
Fri Sep 30 20:07:43 UTC 2011 - coolo@suse.com

View File

@ -1,7 +1,7 @@
#
# spec file for package audit
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -16,16 +16,16 @@
#
Name: audit
BuildRequires: gcc-c++ tcpd-devel
BuildRequires: gcc-c++
BuildRequires: kernel-headers >= 2.6.29
BuildRequires: libtool
BuildRequires: tcpd-devel
Summary: User Space Tools for 2.6 Kernel Auditing
Version: 2.1.1
Release: 11
License: GPLv2+
License: GPL-2.0+
Group: System/Monitoring
Version: 2.1.3
Release: 0
Url: http://people.redhat.com/sgrubb/audit/
Source0: %{name}-%{version}.tar.bz2
Source1: auditd.init
@ -35,7 +35,6 @@ Source4: README-BEFORE-ADDING-PATCHES
Patch1: audit-no_python.patch
Patch2: audit-no_plugins.patch
Patch3: audit-no-gss.patch
Patch4: audit-oom_score_adj.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: %{name}-libs = %{version}
PreReq: %insserv_prereq %fillup_prereq sysvinit(syslog)
@ -47,7 +46,7 @@ Linux 2.6 kernel.
%package -n libaudit1
Summary: Dynamic library for libaudit
License: LGPLv2.1+
License: LGPL-2.1+
Group: System/Monitoring
Obsoletes: %{name}-libs < 2.0.4
Provides: %{name}-libs = %{version}
@ -58,7 +57,7 @@ applications to use the audit framework.
%package -n libauparse0
Summary: Dynamic library for libauparse
License: LGPLv2.1+
License: LGPL-2.1+
Group: System/Monitoring
%description -n libauparse0
@ -67,7 +66,7 @@ parse audit records.
%package devel
Summary: Header files and static library for libaudit
License: LGPLv2.1+
License: LGPL-2.1+
Group: Development/Libraries/C and C++
Requires: libaudit1 = %{version}
Requires: libauparse0 = %{version}
@ -82,7 +81,6 @@ libraries.
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4
%build
autoreconf -fi